To protect our shared environment, we have set the CAS Level to Custom. The custom setting is basically medium level with some exceptions including ODBC, OLEDB, sockets, Reflection Permissions and Web Permissions. This setting cannot be overridden.

Here are the permissions granted by the medium trust level:

Medium
Permissions are limited to what the application can access within the directory structure of the application.
No file access is permitted outside of the application's virtual directory hierarchy.
Can access SQL Server
Can send email by using SMTP servers
Limited rights to certain common environment variables
No reflection permissions whatsoever
No sockets permission
To access Web resources, you must explicitly add endpoint 'URLs' - either in the originUrl attribute of the
element or inside the policy file.

The following exceptions have been granted in addition to the ones listed above: